Bugfix: Do not count correct logins for login attempts

Keanu D?lle 2021-01-02 12:35:57 +01:00
parent 459fca2996
commit ba49da8401
2 changed files with 7 additions and 3 deletions


@ -28,12 +28,11 @@ pub fn login_attempts_exceeded(settings: &State<Settings>, email: String) -> Res
if result.count > settings.application.max_login_attempts as i64 { if result.count > settings.application.max_login_attempts as i64 {
Ok(true) Ok(true)
}else{ }else{
add_login_attempt(settings, email)?;
Ok(false) Ok(false)
} }
} }
fn add_login_attempt(settings: &State<Settings>, email2: String) -> Result<(), diesel::result::Error>{ pub(crate) fn add_login_attempt(settings: &State<Settings>, email2: String) -> Result<(), diesel::result::Error>{
use crate::schema::login_attempts::dsl::{login_attempts, email}; use crate::schema::login_attempts::dsl::{login_attempts, email};
let connection = establish_connection(settings); let connection = establish_connection(settings);
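Review bot: `add_login_attempt` becomes `pub(crate)` without a doc comment, and once the call inside `login_attempts_exceeded` is removed, nothing in this file tells a caller that checking the limit no longer records anything. I would add `/// Records one failed login attempt for email2; every failed-login path must call this, because login_attempts_exceeded only reads the count.` above it, and a matching one-line comment on `login_attempts_exceeded`. Since check and record are now two separate database calls, parallel requests can presumably all pass the check before any of them is recorded, so the limit is only approximate under concurrency; that should either be stated in the comment or closed by doing both steps in one transaction. Both function bodies start or continue outside the hunk, so this rests on the visible lines only.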


@ -4,10 +4,12 @@ use crate::helper::session_cookies::model::SessionCookieStorage;
use crate::modules::welcome::model::login_error_type::LoginError; use crate::modules::welcome::model::login_error_type::LoginError;
use crate::helper::settings::Settings; use crate::helper::settings::Settings;
use crate::modules::welcome::model::login_form::LoginForm; use crate::modules::welcome::model::login_form::LoginForm;
use crate::database::controller::login_protection::add_login_attempt;
use chrono::{Duration, Utc}; use chrono::{Duration, Utc};
use rocket::http::{Cookie, Cookies}; use rocket::http::{Cookie, Cookies};
use rocket::State; use rocket::State;
use crate::database::controller::login_protection::login_attempts_exceeded; use crate::database::controller::login_protection::login_attempts_exceeded;
use diesel::result::Error;
pub fn check_login(login_form: LoginForm, settings: &State<Settings>) -> Result<User, LoginError> { pub fn check_login(login_form: LoginForm, settings: &State<Settings>) -> Result<User, LoginError> {
let user: User = match get_user_by_email(login_form.login_email.clone().to_lowercase(), &settings){ let user: User = match get_user_by_email(login_form.login_email.clone().to_lowercase(), &settings){
@ -29,7 +31,10 @@ pub fn check_login(login_form: LoginForm, settings: &State<Settings>) -> Result<
if result{ if result{
return Err(LoginError::MaxLoginAttemptsExceeded) return Err(LoginError::MaxLoginAttemptsExceeded)
}else{ }else{
return Err(LoginError::UserNotFound) match add_login_attempt(settings, login_form.login_email.to_lowercase()){
Ok(_) => return Err(LoginError::UserNotFound),
Err(_) => return Err(LoginError::DatabaseError)
}
} }
}, },
Err(_) => { Err(_) => {
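Review bot: The only call to `add_login_attempt` this commit adds is on the branch that returns `LoginError::UserNotFound`; all seven additions in the diffstat are visible on this page, so no other failure path gains one. If `check_login` rejects a wrong password for an existing account somewhere outside this hunk, that failure is no longer counted, and the attempt limit would then apply only to unknown e-mail addresses; please confirm and record the attempt on every rejecting branch. The four-line `match` can be written as `add_login_attempt(settings, login_form.login_email.to_lowercase()).map_err(|_| LoginError::DatabaseError)?;` followed by `return Err(LoginError::UserNotFound)`, which is easy to repeat on the other branches. The new `use diesel::result::Error;` is not referenced in any visible line (both arms match `Err(_)`), so it looks unused. `check_login` starts and continues outside the hunks shown.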